package com.ys.security.nodb.controller;

import com.ys.security.nodb.vo.UserDO;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;

@RestController
@RequestMapping(value = "/user")
@PreAuthorize("hasRole('USER')")
public class UserController {

    @GetMapping("/post1")
    public String user(@AuthenticationPrincipal Principal principal, Model model) {
        model.addAttribute("username", principal.getName());
        return "user/user";
    }

    @PostMapping("/post")
    public String user(@RequestBody UserDO userDO) {

        return "userDO/userDO";
    }

}
